Definition of the word Virus: an infection, a self-replicating bacterium in the computer world, referring to unwanted files within a system.
In other words, you have an “infection,” and there are files on your server that do not belong there. You are dealing with a virus as these files will spread once they find their way onto the server.
To determine if your server/website is infected with a WordPress virus, it is important to distinguish between the three types of files.
Explanation of Different Files on the Server
- Regular WordPress files that belong there.
- Regular files that are infected/injected with malicious code.
- New files created by the virus or at the beginning of the virus.
How to Recognize Virus Files on the Server
Note: You will need FTP access to the server using an external FTP program.
- Virus files are often created later and have modified or created dates different from all other files.
- These files are often encoded with Base64 and Eval to avoid detection by the server.
- The names of the files differ from the original WordPress files (e.g., Core.php – deleteme.php – test.php – inc.php).
- The codes supporting the virus are all concatenated together without proper formatting.
- With a good server antivirus, they are labeled as suspected.php.
Preventing a WordPress Virus from Infecting Your Server
As the old saying goes, prevention is better than cure, and this is certainly applicable in this case.
There are two factors to consider:
- The hosting provider responsible for updates (Note: with a VPS, you need to do this yourself).
- The antivirus you use for WordPress.
The hosting provider will always hold you responsible for what happens to your WordPress website and how it affects the server. Therefore, ensure your WordPress is up-to-date and secure.
If You Already Have a WordPress Virus
If you are reading this article because there is already a virus on your WordPress (and hence on the server), you can use the five points described above to make the server virus-free. However, this is not easy and requires a lot of knowledge of code, WordPress, server files, and file permissions.